Site To Site VPN

Forum|Forum|1 year ago
March 16, 2025
2 replies
627 views

How i can Connect Two Site through vpn in different countries and one country block ipsec VPN if i am using
site a and site b two public ip
or site a public and site b dynamic

FortiGate

Sheikh

Staff

Hello @ahmed_habarab

Have a look into this Technical Tip: IPsec VPN between static and dynamic IP (FQDN)

regards,

Sheikh

If you have found a solution, please like and mark it as solved to make it easily accessible for everyone.

AEK

SuperUser

I don't how this country blocks IPsec, but in case it blocks ESP (IP 50) or port 500 or 4500 then you may try change the port number and force NAT-T in IPsec config. You need to do it on both FortiGates.

config system settings
  set ike-port 5000
end

config vpn ipsec phase1-interface
  edit tunnel-name
    set nattraversal forced
  end
end

I didn't try it but I hope it helps.

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded